1995-09-22 - Re: Another Netscape Bug (and possible security hole)

Header Data

From: Adam Shostack <adam@homeport.org>
To: perry@piermont.com
Message Hash: 8dc8f7936462ce128ac0e9b9972bff5a71da83ff008f6e5997c33f1ece8f8c10
Message ID: <199509221927.PAA16372@homeport.org>
Reply To: <199509221243.IAA03781@frankenstein.piermont.com>
UTC Datetime: 1995-09-22 19:27:31 UTC
Raw Date: Fri, 22 Sep 95 12:27:31 PDT

Raw message

From: Adam Shostack <adam@homeport.org>
Date: Fri, 22 Sep 95 12:27:31 PDT
To: perry@piermont.com
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <199509221243.IAA03781@frankenstein.piermont.com>
Message-ID: <199509221927.PAA16372@homeport.org>
MIME-Version: 1.0
Content-Type: text/plain


Perry E. Metzger wrote:

| I don't believe the Sun Java stuff would suffer from it, although I
| fear Java a great deal.

	I keep hearing this thought.  Isn't Win95 with its
'executables in email' much more dangerous than Java, which at least
tries to address security?

	There is the argument that the claims will inspire false
confidence in Java's security mechanisms, and thus people will be
bitten, but I don't buy it.  People don't look to security as a chack
item when buying software.  And when they do, they're usually not
capable of distinguishing between the pap that passes for security
through marketing from security by design.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume








Thread